Information security standard for money transfers developed

The Bank of Russia presents to credit institutions an algorithm to improve information security in the conduct of money transfers. The standard, Information Security in the Banking System of the Russian Federation will be effective from 1 January 2017.

The document covers entities within the Russian banking system which operate as either money transfer operators or providers of payment infrastructure services. The proposed standard establishes procedures for collection of technical data in the course of response to information security incidents which may occur in the money transfer process.

The standard seeks to ensure an optimised process of technical data collection and processing, retention and permanence of data on incidents related to information security in the conduct of money transfers, as well as access to such data, their integrity and confidentiality in the subsequent process of their handling.

The Standard will help enhance the quality of the banking system’s response to information security threats, the effectiveness of action to combat cyber fraud and upgrade the overall level of payment infrastructure security.